Firewall rules for DLNA

I have two subnets which are almost totally separated, but I'd like to stream media over DLNA from one to the other.

Details:
Trusted net "lan" 192.168.1.x, including my NAS (192.168.1.10)
Untrusted net "media" 192.168.2.x

Media is for my Roku and similar devices, which I'd like to stop from being able to freely scan my network. LAN is where trusted machines like my NAS live. I'd like my media devices to be able to stream over DLNA from my NAS, which at first blush sounds like a job for a few small firewall holes.

I can stream over DLNA from within LAN, so we're all good there.

MiniDLNA seems to want TCP 8200 and UDP 1900. What I thought would work was

  • allow nas at 192.168.1.10 to broadcast UDP to all of the media range
  • allow a media device to connect to the nas directly once it receives the advertisement

To that end I created the following rules:

config rule 'dlna_udp'
        option name 'DLNA_UDP'
        option src 'lan'
        option dest_port '1900'
        option dest 'media'
        option src_ip '192.168.1.10'
        option proto 'tcp'
        option target 'ACCEPT'

config rule 'dlna_tcp'
        option name 'DLNA_TCP'
        option src 'media'
        option dest_port '8200'
        option dest 'lan'
        option dest_ip '192.168.1.10'
        option proto 'tcp'
        option target 'ACCEPT'

This doesn't seem to work. I probably misunderstand how DLNA works at a minimum. Thoughts?
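Added example, not part of the original post: a small Python SSDP probe that walks through the three legs of DLNA discovery that firewall rules between two zones have to account for. UDP 1900 is not a plain client-to-server port: the client sends an M-SEARCH to the multicast group 239.255.255.250:1900, the server answers with a unicast UDP datagram back to the client's ephemeral port, and only then does the client open TCP to the host and port named in the reply's LOCATION header (8200 for MiniDLNA, as the post notes). The NAS address 192.168.1.10 comes from the post; the sample reply below is constructed for the example, and the /rootDesc.xml path in it is an assumption about what MiniDLNA advertises.

```python
"""SSDP (DLNA discovery) probe: shows which packets a cross-subnet firewall must pass.

Leg 1: client -> 239.255.255.250:1900  UDP multicast M-SEARCH (or unicast to the server)
Leg 2: server -> client:<ephemeral>    UDP unicast reply, typically from server port 1900
Leg 3: client -> LOCATION host:port    TCP fetch of the device description (8200 for MiniDLNA)
"""
import socket
import sys
from urllib.parse import urlsplit

SSDP_MCAST_ADDR = "239.255.255.250"   # standard SSDP multicast group (administratively scoped)
SSDP_PORT = 1900
MEDIA_SERVER_ST = "urn:schemas-upnp-org:device:MediaServer:1"
NAS_ADDR = "192.168.1.10"             # the NAS from the post

# Constructed sample reply in MiniDLNA's shape; not captured from a real server.
SAMPLE_RESPONSE = (
    b"HTTP/1.1 200 OK\r\n"
    b"CACHE-CONTROL: max-age=1800\r\n"
    b"ST: urn:schemas-upnp-org:device:MediaServer:1\r\n"
    b"USN: uuid:4d696e69-444c-164e-9d41-001122334455::urn:schemas-upnp-org:device:MediaServer:1\r\n"
    b"EXT:\r\n"
    b"SERVER: Linux DLNADOC/1.50 UPnP/1.0 MiniDLNA/1.3.0\r\n"
    b"LOCATION: http://192.168.1.10:8200/rootDesc.xml\r\n"
    b"Content-Length: 0\r\n"
    b"\r\n"
)


def build_msearch(st: str = MEDIA_SERVER_ST, mx: int = 2,
                  host: str = SSDP_MCAST_ADDR, port: int = SSDP_PORT) -> bytes:
    """Build an SSDP M-SEARCH datagram. SSDP is HTTP-over-UDP; HOST names where it is sent."""
    lines = [
        "M-SEARCH * HTTP/1.1",
        f"HOST: {host}:{port}",
        'MAN: "ssdp:discover"',
        f"MX: {mx}",
        f"ST: {st}",
        "",   # end of headers
        "",   # trailing CRLF
    ]
    return "\r\n".join(lines).encode("ascii")


def parse_ssdp_response(datagram: bytes) -> dict:
    """Parse a unicast SSDP 200 reply into an upper-cased header dict; reject anything else."""
    text = datagram.decode("utf-8", errors="replace")
    status, _, rest = text.partition("\r\n")
    if not status.startswith("HTTP/1.1 200"):
        raise ValueError(f"not an SSDP 200 response: {status!r}")
    headers = {}
    for line in rest.split("\r\n"):
        if not line.strip():
            break
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().upper()] = value.strip()
    return headers


def location_endpoint(headers: dict) -> tuple:
    """(host, port) of the LOCATION URL: the TCP destination the client contacts next (leg 3)."""
    url = urlsplit(headers["LOCATION"])
    if url.scheme != "http" or not url.hostname:
        raise ValueError(f"unexpected LOCATION: {headers['LOCATION']!r}")
    return url.hostname, url.port or 80


def probe(dst: str = SSDP_MCAST_ADDR, timeout: float = 3.0, ttl: int = 4) -> list:
    """Send one M-SEARCH to dst (multicast group or a server's unicast address) and collect replies."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    # Default multicast TTL is 1; raising it still does not make a router forward the group
    # unless it runs a multicast proxy, which is the crux of cross-subnet discovery.
    sock.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)
    sock.settimeout(timeout)
    sock.sendto(build_msearch(host=dst), (dst, SSDP_PORT))   # leg 1
    found = []
    try:
        while True:
            data, (src_ip, src_port) = sock.recvfrom(65535)   # leg 2: unicast reply
            try:
                hdrs = parse_ssdp_response(data)
            except ValueError:
                continue
            found.append((src_ip, src_port, hdrs.get("ST"), location_endpoint(hdrs)))
    except socket.timeout:
        pass
    finally:
        sock.close()
    return found


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else SSDP_MCAST_ADDR
    for src_ip, src_port, st, (host, port) in probe(target):
        print(f"reply from {src_ip}:{src_port}  ST={st}  next hop: TCP {host}:{port}")
```

Run it from a host on the media subnet with no argument to search by multicast, or with `192.168.1.10` to send the M-SEARCH unicast straight at the NAS. Two things the probe makes visible for the rules above: a zone forwarding rule never carries 239.255.255.250 from one subnet to the other, so a client that only searches by multicast will not find the NAS without a multicast or SSDP relay on the router; and when a search is relayed, the server's unicast reply (from UDP 1900 to the client's ephemeral port) does not match the connection-tracking entry of the multicast request, so it needs its own lan-to-media UDP rule keyed on the source port, whereas a unicast M-SEARCH sent directly to the NAS on UDP 1900 gets its reply back through the existing state. Either way the client then needs TCP to the LOCATION host and port, which is what the posted 'dlna_tcp' rule opens. Note also that the posted 'dlna_udp' rule carries `option proto 'tcp'`.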